KLA10668
File access vulnerability in QlikTech QlikView
Updated: 06/01/2019
Detect date
?
09/16/2015
Severity
?
High
Description

XML external entity vulnerability was found in QlikView at AccessPoint.aspx. By exploiting this vulnerability malicious users can read arbitrary files. This vulnerability can be exploited remotely via a specially designed xml data.

Affected products

QlikTech Qlikview versions earlier than 11.20 SR12

Solution

Update to the latest version
Get QlikView

Impacts
?
RLF 
[?]
CVE-IDS
?